Security Engineer Offensive Security

Company Overview

We are supporting an opportunity with a leading Asia-based financial services organization with a strong presence across global markets. The company operates in a high-performance, regulated environment supporting critical trading and enterprise platforms.

Role Summary

We are seeking a Security Engineer with 1–3 years of experience in offensive security, red teaming, or penetration testing. The role focuses on identifying vulnerabilities, simulating real-world attacks, and strengthening security controls across applications, infrastructure, and networks.

Key Responsibilities

• Conduct penetration testing across web applications, APIs, networks, and internal systems
• Perform vulnerability assessments and provide clear remediation recommendations
• Support red team engagements and simulated attack scenarios
• Identify security weaknesses across cloud and on-prem environments
• Collaborate with engineering and infrastructure teams to improve security posture
• Document findings, risk ratings, and mitigation steps
• Assist in incident response and security investigations when required
• Stay updated with emerging attack techniques, tools, and threat intelligence

Requirements

• 1–3 years of experience in offensive security, penetration testing, or red team operations
• Strong understanding of OWASP Top 10 and common exploitation techniques
• Hands-on experience with tools such as Burp Suite, Nmap, Metasploit, Wireshark, etc.
• Good understanding of Linux systems and scripting (Python, Bash, or similar)
• Knowledge of networking fundamentals and system architecture
• Exposure to cloud platforms (AWS, Azure, or GCP) is a plus
• Relevant certifications (CEH, OSCP, eJPT) are an advantage but not mandatory
• Strong analytical, problem-solving, and communication skills